on protecting your email – extreme edition

I recently helped a friend of a friend create a new email process for himself. He’s a journalist and wanted a little more protection than is usual. He’s been noticed by governments, corporations and others, and has had some problems with his email being stolen in the past. He’s had a laptop stolen and some of his email appearing in print.

His situation is far from typical, but it was an interesting thought experiment to see how “secure” one could be, if paranoid enough and accepting of enough cost and inconvenience.

We looked at several threats against his email and personal and professional files, and came up with some easy changes that could cut his risk significantly.

One of his suspicions was that at some point his US-based ISP had been forced to turn over some of his email. For that reason, I recommended that he find an “off shore” email provider. I recommended going to a provider in the EU, as they have much better privacy laws, and a history of telling other nations to buzz off. Sadly, the UK isn’t a good option, as between the “special relationship” and the Official Secrets Act, even their own citizens aren’t well protected. Their ongoing debate about their national identity cards shows a certain bias for the government at the expense of their citizens, although this may be settled, at least for now. I think the Netherlands, Germany or Switzerland would be good email homes, as there seem to be numerous options for hosted email in those countries, and the few that I checked into all offer SSL-protected web mail.

Next, we talked about installing PrettyGoodPrivacy to protect his email in transit. PGP has been acquired (and re-acquired) since the days of Phil Karn, but they still have a solid reputation. If you are a geek, then you can get and install the open source gpg (Gnu Privacy Guard). Commercial PGP offers good email encryption, good file encryption and even hard drive Whole Disk Encryption (WDE).

Another part of his “threat model” is theft of his laptop to get his files. While encrypting hard drives are becoming more available, there may or may not be OS level support. Check out offerings from Seagate and Hitachi as well as some laptops from Dell and IBM which include encrypting hard drives.

If you don’t select a hardware drive encryption solution, you can use PGP or TrueCrypt. If you just want the data encrypted and you don’t care if someone might know that you have encrypted data, then PGP. If you are concerned about someone knowing that you have secrets, then TrueCrypt. Since TrueCrypt can make invisible (or at least hard to detect) partitions, that’s an additional level of assurance.

As an international traveler, your laptop is subject to search at any border, including the US ports of entry. France and China have also been mentioned as countries with some level of laptop threat at their borders. There are a few ways to get your data through the entries, although some may raise red flags.

First, you can just encrypt some files, or even the entire hard disk with PGP. This may raise questions, and in some jurisdictions (UK,
maybe US), the authorities may be able to compel you to divulge any passwords to unlock the files or drive. There have been two people jailed in the UK for refusing to divulge their passwords. US law is unclear, as the Circuits have ruled in different ways in different cases, if I recall correctly.

If you want to carry encrypted data without it being apparent, then you can use TrueCrypt to create an encrypted “volume” which will look
like a regular file. Just name the file something innocuous, like “refrigerator-ref-manual.pdf.zip”. Even if “they” try to un-zip the file, it will appear to be a damaged ZIP file. Oh darn, too bad.

But best of all is to not actually carry any data at all… Store your data at your non-US ISP, and keep nothing on your laptop except a web browser. You can always get to your data as long as you have a net connection, but you don’t carry it where it can be seized or lost if your laptop is stolen. If you need your data when you aren’t connected, then just put the data at the ISP and clear it off your laptop before you travel, and then download it at your destination and then carry it around. This method has been recommended in the corporate security press for protecting corporate secrets.

One novel idea is to not carry a laptop at all. Carry an iPad and use it to read your email and access your data. Store nothing on the
iPad, and clear the browser cache frequently. No one will know how to search it at a border, as there are no currently no common tools to
image an iPad. Even when those tools arrive, there will be no data to find.